Search

Expected end of text, found '/' (at char 37), (line:1, col:38)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341262 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-27088 2 G5theme, Wordpress 2 Darna Framework, Wordpress 2026-03-30 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through <= 2.9.
CVE-2026-27095 2 Mage-people, Wordpress 2 Bus Ticket Booking With Seat Reservation, Wordpress 2026-03-30 9.8 Critical
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.6.0.
CVE-2026-31913 2 Whitebox-studio, Wordpress 2 Scape, Wordpress 2026-03-30 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Whitebox-Studio Scape scape allows Path Traversal.This issue affects Scape: from n/a through < 1.5.16.
CVE-2026-31914 2 Hookandhook, Wordpress 2 Wp Courses Lms, Wordpress 2026-03-30 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through <= 3.2.26.
CVE-2026-31920 2 Devteam Haywoodtech, Wordpress 2 Product Rearrange For Woocommerce, Wordpress 2026-03-30 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Blind SQL Injection.This issue affects Product Rearrange for WooCommerce: from n/a through <= 1.2.2.
CVE-2026-31921 2 Devteam Haywoodtech, Wordpress 2 Product Rearrange For Woocommerce, Wordpress 2026-03-30 8.2 High
Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Rearrange for WooCommerce: from n/a through <= 1.2.2.
CVE-2026-32441 2 Webtoffee, Wordpress 2 Wordpress Comments Import And Export, Wordpress 2026-03-30 7.7 High
Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through <= 2.4.9.
CVE-2026-32484 2 Boldgrid, Wordpress 2 Weforms, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through <= 1.6.26.
CVE-2026-32488 2 Wordpress, Wpeverest 2 Wordpress, User Registration 2026-03-30 8.1 High
Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through <= 4.4.9.
CVE-2026-32489 2 Bplugins, Wordpress 2 B Blocks, Wordpress 2026-03-30 6.5 Medium
Missing Authorization vulnerability in bPlugins B Blocks b-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects B Blocks: from n/a through < 2.0.30.
CVE-2026-32490 2 Ljapps, Wordpress 2 Wp Tripadvisor Review Slider, Wordpress 2026-03-30 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through <= 14.1.
CVE-2026-32499 2 Quantumcloud, Wordpress 2 Chatbot, Wordpress 2026-03-30 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through <= 7.7.9.
CVE-2026-32501 2 Wordpress, Wp-configurator 2 Wordpress, Wp Configurator Pro 2026-03-30 7.1 High
Missing Authorization vulnerability in wp-configurator WP Configurator Pro wp-configurator-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Configurator Pro: from n/a through <= 3.7.9.
CVE-2026-32502 2 Select-themes, Wordpress 2 Borgholm, Wordpress 2026-03-30 9.8 Critical
Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing-agency-theme allows Object Injection.This issue affects Borgholm: from n/a through < 1.6.
CVE-2026-32504 2 Creativews, Wordpress 2 Vintwood, Wordpress 2026-03-30 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS VintWood vintwood allows PHP Local File Inclusion.This issue affects VintWood: from n/a through <= 1.1.8.
CVE-2026-32507 2 Elated-themes, Wordpress 2 Leroux, Wordpress 2026-03-30 5.4 Medium
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object Injection.This issue affects Leroux: from n/a through < 1.4.
CVE-2026-32508 2 Mikado-themes, Wordpress 2 Halstein, Wordpress 2026-03-30 5.4 Medium
Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object Injection.This issue affects Halstein: from n/a through < 1.8.
CVE-2026-32510 2 Edge-themes, Wordpress 2 Kamperen, Wordpress 2026-03-30 5.4 Medium
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through < 1.3.
CVE-2026-32512 2 Edge-themes, Wordpress 2 Pelicula, Wordpress 2026-03-30 9.8 Critical
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through < 1.10.
CVE-2026-32513 2 Miguel Useche, Wordpress 2 Js Archive List, Wordpress 2026-03-30 8.8 High
Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through <= 6.1.7.